Security and Assurance

HHTU DSPT
The Hull Health Trials Unit is compliant with the NHS Data Security and Protection Toolkit.

All organisations that have access to NHS patient data and systems must use the DSPT to ensure that they are practicing good data security and that personal information is handled correctly. Organistations demonstrate compliance via completion of the DSPT online tool. This is a self assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

The HHTUs DSPT is reviewed and can be audited by NHS digital with results of any audits publicly available. For more information on audits please see here: https://digital.nhs.uk/services/data-access-request-service-dars/data-sharing-audits

The HHTU DSPT compliance can be seen via the link below:
https://www.dsptoolkit.nhs.uk/OrganisationSearch/EE133824-HHTU


AIMES
The Hull DSH uses a Trustworthy Research Environment provided by ARO. This provides a secure analytics environment via a Virtual Desktop Infrastructure (VDI) which is accessed by users via a VPN and 2 factor authentication.

More information can be found via the following link: https://aro.tech/solutions/data-centre-services/technologies/tre/

Some of the Assurance and Governance Certificates that ARO hold are:
● ISO 27001 – the most widely recognised independent global standards for security.
● NHS DSPT Toolkit Compliant
● Cyber Essentials Plus


IG STEERING GROUP
Governance of the DSH is the responsibility of HHTU Information Steering Group which is a sub group of the University of Hull IG Group and so provides a route of communication to the University Leadership Team.